[SAC] Fwd: Responsible Security Disclosure
Jachym Cepicky
jachym.cepicky at gmail.com
Fri Jul 7 08:43:03 PDT 2017
dear sac,
do you thing, you could handle this?
j
---------- Forwarded message ---------
From: <researcher at port43.consulting>
Date: Fri, 7 Jul 2017, 17:37
Subject: Responsible Security Disclosure
To: <info at osgeo.org>
During the course of a security research project I was completing, your
site foss4g.org was discovered to have a serious security vulnerability
present. The goal of this email is to responsibly disclose this issue to
you so your technical team can mitigate the issue as soon as possible and
minimize any impact. If you have an active bug bounty program you would
like me to report additional details through please reply with contact
information. Technical Details: The source code of your site is exposed at
the root of your site at foss4g.org/.git/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/sac/attachments/20170707/a694f4a9/attachment.html>
More information about the Sac
mailing list